Navigation

The six steps you must take to ensure GDPR compliance

Share on social media

If you thought this page is useful to your friend, use this form to send.

Friend Email

Enter your message

It’s late, but not too late, to start considering GDPR. The EU’s General Data Protection Regulations come into force this month, and will fundamentally change the way businesses gather, handle and transmit data. They represent one of the biggest shifts in consumer rights for a generation, and businesses that don’t comply will face swift and stiff retribution.

Whether you’re still at the planning stage, or you’ve implemented the necessary changes to your processes, Red Olive is here to help. We’ve devised a six-step process for any business that needs to audit its data chain; from collection, through storage, to use and disposal, we’ve encapsulated the process in the name “SHIELD” where each letter stands for a different step in the process – and we’ll be explaining it in more detail at our London GDPR event on Friday, 18 May.

Achieving and maintaining GDPR compliance

“Our work with a wide variety of B2B and B2C organisations has shown us that a single standard solution for complying with GDPR simply doesn’t exist,” says Red Olive client director, Jefferson Lynch.

“Yet there are processes that work across the board and show an intent to comply with the law. For any business that wants to build a defensible position, our SHIELD process can provide a practical approach. It works for businesses of any size and can help them make sure they become, and perhaps more importantly, remain GDPR compliant.

Implementing GDPR isn’t a one-off operation, but an ongoing change in the way we all do business. “We’ve teamed up with GB&Smith to showcase how to automate different elements of the SHIELD process to collate and track essential information by leveraging the power of its 360Suite solution. The tools provide in-depth visibility into the content of a Business Objects deployment including, critically, how to document data flows to achieve and maintain compliance – and prove it to auditors.

“There is no end date for GDPR,” Jefferson says. “Like submitting accounts, training staff and marketing, it will become an evolving responsibility for the business – and one that will change as the organisation itself grows, moves into new markets and interacts with its customers.”

Past masters in future legislation

Red Olive has helped some of the biggest names in business design and manage their data architecture, advising companies such as Samsung, Bank of China, Thames Water and Telegraph Media Group on their collation, analysis and presentation operations. It’s recently been working across publishing and recruitment – two diverse sectors that rely on precisely the kind of permission-based marketing that GDPR will affect.

“What we’re not giving them is legal advice,” Jefferson explains. “We’re showing them how to make their position defensible, always with the consumer in mind. GDPR is ultimately about the rights of the man in the street, so we’re helping these organisations devise a strategy that works both for the teams in-house and all of us.”

While Jefferson stresses that Red Olive’s practical, easy-to-implement steps are designed to work for any organisation, “for anyone who’s already made provision for GDPR, they’re a useful check, giving peace of mind that you’re doing the right thing in advance of the provisions becoming law.”

Red Olive will be presenting its six-step plan for achieving GDPR compliance with 360Suite Tools at Holborn, London, on 18 May. Call 01256 831100 or email ben.white@red-olive.co.uk to book your free place.